A Tulane University-owned laptop was stolen last year that had a file containing private information of each person employed at the university in the past year, according to school officials.
The computer had W-2 information, names, Social Security numbers, address and salary for every employee, including student and part-time employees and anyone who will receive a 2010 W-2.
School officials say the laptop, used to process 2010 tax records during the university’s winter break, was not encrypted and was in a briefcase in the locked automobile of an employee who was out of town. It was stolen Dec. 29, and school officials were notified the following day.
The university has sent letters to the more than 10,000 affected individuals
Read more on WWLTV
At the time of this posting, there does not appear to be any notice on Tulane’s web site.
So a laptop with such sensitive and unencrypted data was just left in a car while the employee was out of town? It seems that some universities still have not quite mastered this information security thing in terms of ensuring that employees comply with policies and good practices.
Update Jan. 18: See this follow-up blog post for additional details on the incident.